

import java.io.IOException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import View.Controller;
import View.UserView;

/**
 * Servlet to be used for login purposes on the webshop, admin-site and warehouse worker packing site.
 */
@WebServlet("/login")
public class LoginServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;
       
    /**
     * Auto-generated constructor
     */
    public LoginServlet() {
        super();
    }

	/*
	 * Redirects information to the doPost() method, since we don't want stuff to be shown in the url.
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		doPost(request, response);
	}

	/*
	 * Checks where the requests are coming from with the hidden field parameter to know where the login should go and
	 * what rank the user is.
	 * If no user is in the current session one will be asked to log in. If incorrect password or username user will be
	 * returned to the index page.
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		String hiddenString = request.getParameter("hidden");
		int hidden = 3;
		if (hiddenString != null) {
			hidden = Integer.parseInt(hiddenString);
		}
		String username = (String) request.getParameter("username");
		String password = (String) request.getParameter("password");
		UserView user = (UserView) request.getSession().getAttribute("user");
		System.out.println("LoginServlet " + username + " " + password);
		String url = "/index.jsp";
		if (user == null) { // If no user is in the session, log in with given username and password.
			if (username != null && password != null) {
				if (hidden == 0) { // If coming from the register page, set parameters and create a user.
					String address = (String) request.getParameter("address");
					String zipcode = (String) request.getParameter("zipcode");
					String city = (String) request.getParameter("city");
					String email = (String) request.getParameter("email");
					String firstname = (String) request.getParameter("firstname");
					String surname = (String) request.getParameter("surname");
					Controller.createUser(username, password, 1, address, zipcode, city, firstname, surname, email);
				}
				user = Controller.login(username, password);
				request.getSession().setAttribute("user", user); // Set the user to the session.
			}
		}
		if (user != null) { // If user is already available in the session
			if (hidden == -1) {	// Log the user out since they pressed the log out button in the header.
				request.getSession().setAttribute("user", null); // Set user in the session to null.
				url = "/index.jsp";
			}  else if (user.getRank() == 0) { // If the user is an administrator send it to the administrative page.
				url = "/user/admin/admin.jsp";
			} else if (user.getRank() == 1) {
				url = "/user/profile.jsp";
			} else if (user.getRank() == 2) { // If the user is a warehouse packer send to packing site.
				url = "/packingpage.jsp";
			}
		}
		RequestDispatcher dispatcher = getServletContext().getRequestDispatcher(url);
		dispatcher.forward(request, response); // Forward the user to the correct page.
	}

}
